﻿<?php
	include ("../conn.php");
	$user = "";
	if(isset($_POST['username'])){
		$user = mysql_real_escape_string($_POST['username']);
	}
	
	$pwd="";
	if(isset($_POST['pwd'])){
		$pwd = mysql_real_escape_string($_POST['pwd']);
	}

	$sql="select USERNAME,PWD FROM ".$databasepre."admin where USERNAME='".$user."' and PWD='".$pwd."'";
	//echo $sql;
	//exit;
	$query=mysql_query($sql);
	if($row=mysql_fetch_array($query)) {
		@session_start();
		$_SESSION['username']=$row['USERNAME'];
		$_SESSION['pwd']=$row['PWD'];
		//Header("Location: http://www.baidu.com/index.php");
		//echo "如果没有自动跳转，请点击这里 <a href='index.php'>管理平台</a>";
		echo "<script language='javascript'>alert('校验成功，马上进入管理平台!');window.location.href='index.php';</script>";
	} else {
		echo "<script>alert('对不起！用户名或密码正确，请重新输入！');history.go(-1);</script>";
	}
?>